<?php

include 'lib.php';
include 'config.php';

// If the key is send via POST, use POST instead of GET.
if(isset($_POST['k'])){
    $_GET = $_POST;
}

$key = $_GET['k'];

if(!isValidApp($key)){
    $status = "INVALID_KEY";
    logger("Courses", "INVALID_KEY", $key);
    header ("Content-Type:text/xml");
    echo '<?xml version="1.0"?><Result><Status>INVALID_KEY</Status></Result>';
    exit();
}

logger("Courses", "OK", $key);

header ("Content-Type:text/xml");

echo '<?xml version="1.0" encoding="utf-8"?>';
echo '<Result>';
echo '<Status>OK</Status>';
echo '<Courses>';

$query = "SELECT * FROM courses ORDER BY code ASC;";
$result = mysqli_query($db, $query);
while($row = mysqli_fetch_assoc($result)){
    echo '<Course>';
    echo '<Code>'.$row['code'].'</Code>';
    echo '<Title_English>'.$row['name_en'].'</Title_English>';
    echo '<Title_German>'.str_replace("&", "und", $row['name_de']).'</Title_German>';
    echo '<Type>'.$row['course_type'].'</Type>';
    echo '</Course>';
}
echo '</Courses>';
echo '</Result>';
?>
